Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A non-transitory computer-readable medium having computer instructions stored thereon that, when executed by a processor, cause the processor to perform operations comprising: receiving, by a system, an indication that a user is within a predetermined distance from a particular location; receiving, by the system from the user, system login information; identifying, by the system, a set of permissions corresponding to the particular location, wherein the set of permissions controls access to particular data stored by the system; determining, by the system, that the system login information corresponds to the set of permissions; based on the set of permissions, enabling the user to access the particular data while the user is within the predetermined distance from the particular location; subsequent to enabling the user to access the particular data, determining, by the system, that the user is not within the predetermined distance from the particular location; and in response to determining that the user is not within the predetermined distance, disabling the user from accessing the particular data.
A software application controls access to data based on a user's physical location. The application receives a signal when a user is near a specific location. Upon receiving login credentials, the application checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked. The system provides location-based authentication and access restriction, enhancing data security by limiting data accessibility based on user proximity to authorized zones.
2. The non-transitory computer-readable medium of claim 1 , wherein the particular location is a location of a particular user that corresponds to the set of permissions.
The location-based access control system, as described previously, uses a location that corresponds to another specific user to determine data access permissions. The application receives a signal when a user is near a specific location. Upon receiving login credentials, the application checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked. In this case, the location is that of another specific user.
3. The non-transitory computer-readable medium of claim 2 , wherein the particular user is a supervising manager of an organization that includes the user.
The location-based access control system, where access is granted based on the location of a particular user, extends to situations where the particular user is a supervising manager within the organization. The application receives a signal when a user is near a specific location that is the location of the manager. Upon receiving login credentials, the application checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked. This enables location-aware permissions related to management oversight.
4. The non-transitory computer-readable medium of claim 1 , wherein the particular location is a predetermined building.
The location-based access control system, as described previously, uses a specific building as the location trigger for granting data access permissions. The application receives a signal when a user is near a specific building. Upon receiving login credentials, the application checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined building, access to the data is revoked. This restricts data access to authorized physical premises, like an office building.
5. The non-transitory computer-readable medium of claim 1 , wherein the particular location is a predetermined vehicle.
The location-based access control system, as described previously, uses a specific vehicle as the location trigger for granting data access permissions. The application receives a signal when a user is near a specific vehicle. Upon receiving login credentials, the application checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined vehicle, access to the data is revoked. This restricts data access to users within the proximity of an authorized vehicle.
6. The non-transitory computer-readable medium of claim 1 , wherein the particular location is a predetermined landmark.
The location-based access control system, as described previously, uses a specific landmark as the location trigger for granting data access permissions. The application receives a signal when a user is near a specific landmark. Upon receiving login credentials, the application checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined landmark proximity, access to the data is revoked.
7. The non-transitory computer-readable medium of claim 1 , wherein the set of permissions corresponds to a plurality of locations including the particular location.
The location-based access control system, as described previously, determines data access permissions based on a set of permissions that are applicable to multiple locations, including the current specific location. The application receives a signal when a user is near a specific location. Upon receiving login credentials, the application checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked.
8. A method, comprising: receiving, by a system, an indication that a user is within a predetermined distance from a particular location; receiving, by the system from the user, system login information; identifying, by the system, a set of permissions corresponding to the particular location, wherein the set of permissions controls access to particular data stored by the system; determining, by the system, that the system login information corresponds to the set of permissions; based on the set of permissions, enabling the user to access the particular data while the user is within the predetermined distance from the particular location; subsequent to enabling the user to access the particular data, determining, by the system, that the user is not within the predetermined distance from the particular location; and in response to determining that the user is not within the predetermined distance, disabling the user from accessing the particular data.
A method controls access to data based on a user's physical location. The system receives a signal when a user is near a specific location. Upon receiving login credentials, the system checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked. The system provides location-based authentication and access restriction, enhancing data security by limiting data accessibility based on user proximity to authorized zones.
9. The method of claim 8 , wherein the set of permissions is identified based on an identifier of the user.
The location-based access control method, as described previously, identifies permissions based on the user's identifier. The system receives a signal when a user is near a specific location. Upon receiving login credentials, the system checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked. The specific permissions are determined by the identity of the user requesting access.
10. The method of claim 9 , wherein the indication that the user is within the predetermined distance is received in a transmission that includes the identifier of the user.
The location-based access control method, where access permissions are based on a user ID, includes the user's ID in the location signal transmission. The system receives a signal when a user is near a specific location. This signal includes the User ID. Upon receiving login credentials, the system checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked.
11. The method of claim 8 , wherein the set of permissions indicates that access to the particular data should be denied during particular times.
The location-based access control method, as described previously, determines data access permissions based on time restrictions. The system receives a signal when a user is near a specific location. Upon receiving login credentials, the system checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked. These permissions can indicate that access to data should be denied during certain hours.
12. The method of claim 11 , wherein the indication that the user is within the predetermined distance is received in a transmission that includes a time at which the user is within the predetermined distance from the particular location.
The location-based access control method, where time-based restrictions are present, includes a timestamp in the location signal transmission. The system receives a signal when a user is near a specific location. This signal includes the timestamp. Upon receiving login credentials, the system checks the location and grants data access based on pre-defined permissions associated with that location. If the user moves outside the defined area, access to the data is revoked. This signal can be used to enforce time-based restrictions.
13. An apparatus, comprising: a processor; and a memory that includes one or more stored sequences of instructions which, when executed by the processor, cause the processor to perform operations comprising: receiving an indication that a user is within a predetermined distance from a particular location; receiving, from the user, system login information; identifying a license corresponding to the particular location, wherein the license controls access to particular data; determining that the system login information corresponds to the license; based on the license, enabling the user to access the particular data while the user is within the predetermined distance from the particular location; subsequent to enabling the user to access the particular data, determining that the user is not within the predetermined distance from the particular location; and in response to determining that the user is not within the predetermined distance, disabling the user from accessing the particular data.
An apparatus, including a processor and memory, controls data access based on the user’s location. When a user is near a specified location, and provides login information, the system identifies a license associated with the location. If the provided login matches the license requirements, the user is allowed access. If the user moves outside the location, access is revoked.
14. The apparatus of claim 13 , wherein the license indicates that only a particular number of users are allowed to access the particular data at a single time.
The location-based access control apparatus, as described previously, limits the number of concurrent users who can access data. When a user is near a specified location, and provides login information, the system identifies a license associated with the location. If the provided login matches the license requirements, the user is allowed access. If the user moves outside the location, access is revoked. The license specifies how many simultaneous users are allowed.
15. The apparatus of claim 13 , wherein the operations further comprise receiving an identifier of the user, wherein the license is identified based on the identifier of the user.
The location-based access control apparatus, as described previously, uses the user's identifier to determine the appropriate license. When a user is near a specified location, and provides login information, the system identifies a license associated with the location. If the provided login matches the license requirements, the user is allowed access. If the user moves outside the location, access is revoked. The user's ID is used to identify the license.
16. The apparatus of claim 15 , wherein the operations further comprise: determining, based on the identifier of the user, that the user is not authorized to access other data, wherein the license controls access to the other data; and denying the user access to the other data.
The location-based access control apparatus, where the user ID is used to determine the license, also denies access to other data based on authorization levels. When a user is near a specified location, and provides login information, the system identifies a license associated with the location. If the provided login matches the license requirements, the user is allowed access. If the user moves outside the location, access is revoked. Based on the ID the user may be denied access to other data.
17. The apparatus of claim 15 , wherein identifying the license comprises selecting, based on the identifier of the user, the license from a plurality of licenses corresponding to the particular location.
The location-based access control apparatus, where the user ID determines the license, selects the license from multiple licenses associated with a location. When a user is near a specified location, and provides login information, the system identifies a license associated with the location. If the provided login matches the license requirements, the user is allowed access. If the user moves outside the location, access is revoked. The license is selected from a pool of available location based licenses, using the user ID.
18. The apparatus of claim 13 , further comprising a multi-tenant, on-demand database system that includes the processor and the memory.
The location-based access control apparatus, as described previously, is implemented in a multi-tenant, on-demand database system. When a user is near a specified location, and provides login information, the system identifies a license associated with the location. If the provided login matches the license requirements, the user is allowed access. If the user moves outside the location, access is revoked.
Unknown
November 7, 2017
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.